The present invention relates generally to distributing an integrated circuit core, and more particularly to a method of ensuring that a core designed by a core supplier will be used only by an authorized party, and by such an authorized party only an authorized number of times.
In recent years, constant innovation in silicon process technology has drastically reduced the price and increased the performance and functionality of integrated circuit devices. With these improvements come increasing demands on the integrated circuit design system developers for still faster and cheaper devices. As a result, electronic system design is now moving to a methodology known in the art as xe2x80x9csystem on a chipxe2x80x9d in which a system is designed by integrating a plurality of existing xe2x80x9ccoresxe2x80x9d obtained, purchased, or licensed from various suppliers.
Cores are defined as any reproducible circuit description, often referred to in the industry as logic cores or circuit cores. The term xe2x80x9ccorexe2x80x9d as used herein is intended to cover all such definitions. In general, there are three types of cores: soft, firm, and hard. Hard cores are functions with mask layout data for the physical layout information. Firm cores are machine-readable netlists that are ready for place and route. Soft cores are available as synthesizable, encryptable files which allow the customer to optimize the core for the intended function.
The core suppliers would like to license their cores to as many customers as possible. However, suppliers are currently unable to easily monitor the number of times a licensed core is used and, therefore, whether the appropriate license fee has been paid by the customer. Moreover, suppliers cannot monitor whether only authorized parties have obtained copies of the core, or whether the core has been modified without permission.
One solution to these problems is for a supplier to directly police a customer""s fabrication facility, whether within the customer""s business or out-sourced. However, most customers do not want a core supplier to be able to interfere with manufacturing, even for license monitoring, particularly when manufacturing is out-sourced. Thus, a more efficient and customer-acceptable policing method is needed.
Programmable logic devices (PLDs), such as the field programmable gate array (FPGA) or the complex programmable logic device (CPLD), provide an especially convenient vehicle for integrating cores (particularly firm or soft cores) into user designs. PLDs, as described and claimed in numerous patents assigned to Xilinx, Inc., assignee of the present invention, allow a customer to configure (and reconfigure) the programmable elements on the PLD to implement various logic functions. Because of this versatility, the cores implemented on a PLD can be updated as improvements in functionality,and efficiency occur without requiring new silicon. Specifically, a PLD can simply be reconfigured with the improved design, instead of designing a new device. However, currently, the use of PLDs does not address the challenge of how to police and account for proper licensing of cores.
To address the shortcomings of the prior art, the present invention provides a PLD including a non-volatile permission memory block to enable a customer to utilize the core. In one embodiment, the core supplier designs its core to check for a specified permission bit or bit pattern in the permission memory block before the core will operate. If the permission bit or bit pattern is set properly, the core functions correctly when implemented in the PLD. If not, the core will not function.
To control the number of copies the customer can implement, the core supplier instructs the PLD manufacturer to give the customer a predetermined number of devices with the permission memory block set for the supplier""s core. The manufacturer then sets the permission bits appropriately, and ships the devices to the customer. Because the supplier""s core will only function if the device contains the appropriate permission bits, the supplier can be confident that the customer cannot make or use more copies than the number of appropriately set devices received from the manufacturer Thus, the supplier need not visit the customer to count the number of copies being made by the customer.
To prevent the customer from modifying the core such that it no longer depends upon the permission bits to function, the configuration bitstream used to program they PLD can be encrypted before and during transmission to the PLD. This encryption ensures security of the customer""s logic design as well as the supplier""s core design In this manner, the customer remains dependent upon properly set permission memory bits, i.e. proper permission, to obtain core functionality.